<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="sql" uri="http://java.sun.com/jsp/jstl/sql"%>
<%@ taglib prefix="ora" uri="orataglib"%>
<%@page import="eBrain.model.DataManager"%>
<%@page import="eBrain.beans.User"%>
<jsp:useBean id="dataManager" scope="application"
	class="eBrain.model.DataManager" />
	
<% String base = (String)application.getAttribute("base"); %>

<%-- Remove the validUser session bean, if any --%>
<c:remove var="validUser" />

<c:if test="${empty param.userName || empty param.password}">
	<c:redirect url="/eBrain?action=login">
		<c:param name="errorMsg"
			value="You must enter a User Name and Password." />
	</c:redirect>
</c:if>

<%-- 
  See if the user name and password combination is valid. If not,
  redirect back to the login page with a message.
--%>

<%
	String pw = "";
	String UserId = request.getParameter("userName");
	String Password = request.getParameter("password");
	if (!dataManager.validatePassword(UserId, Password)) {
%>

<c:redirect url="/eBrain?action=login">
	<c:param name="errorMsg"
		value="The User Name or Password you entered is not valid." />
</c:redirect>
<%
	}
%>
<%--    
  Create an EmployeeBean and save it in 
  the session scope and redirect to the appropriate page.
--%>

<jsp:useBean id="validUser" scope="session"
	class="eBrain.beans.User">
</jsp:useBean>
    <% 
		session.setAttribute("validUser", dataManager.getUserByUserName(UserId));
		session.setMaxInactiveInterval(1200);
	%>

<c:choose>
	<c:when test="${!empty param.remember}">
		<ora:addCookie name="userName" value="${param.userName}"
			maxAge="2592000" />
		<ora:addCookie name="password" value="${param.password}"
			maxAge="2592000" />
	</c:when>
	<c:otherwise>
		<ora:addCookie name="userName" value="${param.userName}" maxAge="0" />
		<ora:addCookie name="password" value="${param.password}" maxAge="0" />
	</c:otherwise>
</c:choose>

<%-- 
  Redirect to the main page or to the original URL, if
  invoked as a result of a access attempt to a protected
  page.
--%>
<c:choose>
	<c:when test="${!empty param.origURL}">
		<c:redirect url="${param.origURL}"/>
	</c:when>
	<c:otherwise>
		<c:redirect url="/eBrain" />
	</c:otherwise>
</c:choose>
